Tuesday Jan 12, 2016

Best Practices Using Oracle Solaris Compliance Tool for SAP

In a recent blogs we talked about end-to-end security with Oracle Solaris 11, SPARC M7 and the ISV Ecosystem  and one of the main elements: the built-in Solaris 11 compliance tools.

Organizations such as banks, hospitals, and governments have specialized compliance requirements. Auditors, who are unfamiliar with an operating system, can struggle to match security controls with requirements. Therefore, tools that map security controls to requirements can reduce time and costs by assisting auditors.

Oracle Solaris 11 lowers the cost and effort of compliance management by designing security features to easily meet worldwide compliance obligations; documenting and mapping technical security controls for common requirements like PCI-DSS to Oracle Solaris technologies. The simple-to-use tool Oracle Solaris compliance tool provides users with not only reporting but also simple instructions on how to mitigate any compliance test failure. It also provides compliance report templates.

Available since release 11.2, Oracle Solaris provides scripts that assess and report the compliance of Oracle Solaris to two security benchmarks:

  • Oracle Solaris Security Benchmark and
  • Payment Card Industry-Data Security Standard (PCI-DSS).

The new command, compliance (1M), is used to run system assessments against security/compliance benchmarks and to generate HTML reports from those assessments. The reports indicate which system tests failed and which passed, and they provide any corresponding remediation steps.

A new whitepaper introduces the compliance report on Oracle Solaris and provides information and best practices on how to assess and report the compliance of an Oracle Solaris system to security standards for SAP Installations. The procedure in this whitepaper was tested on an Oracle Solaris global zone, non-global zone, kernel zone, Oracle SuperCluster, Oracle Solaris Cluster, as well as various SAP Advanced Business Application Programming (ABAP) and Java releases with Oracle Database 11g and 12g. The document concludes with information on an additional new SAP benchmark for SAP applications with special security requirements. Read the whitepaper for details. There is also a related SAP note 2114056  "Solaris compliance tool for SAP installation" published (requires SAP login).

Friday Jan 27, 2012

Use the OPN Fast Track to move your Application to Oracle Solaris 11

Making applications available on Oracle Solaris 11 is simpler than ever before. Most applications applications are known to work smoothly in a Solaris 11 native environment.

The Oracle Partner Network provides a comprehensive portfolio of services and resources for a smooth and cost efficient release of the application on Solaris 11.

[Read More]
About

Technical insights for and about ISV applications on Solaris and SPARC.
Application Availability, How-tos, Best Practices, Application Tuning and Results

Search

Archives
« July 2016
SunMonTueWedThuFriSat
     
1
2
3
4
5
6
8
9
10
11
13
14
15
16
17
18
19
20
21
23
24
25
26
27
28
29
30
31
      
Today